Menu
What's new
By:
Filters Better Search

Can I stop VPN users (my kids!) from accessing my internet?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

CRAIG007

New Around Here
I have an ASUS AC3200 router and use parental controls to lock out my kids devices after a certain time. It worked well until they figured out some sort of VPN program/software that allows them to be on at all hours of the night. Putting aside discipline, unplugging the router and taking their devices away, is there anyway I can block them from using VPN to get on? I tried researching online and the ASUS interface as well but don't quite understand everything being said (VPN server vs VPN client; Open VPN vs PPTP). Any help is greatly appreciated.
 
You can try to disable NAT Pass-through to disallow the Virtual Private Network (VPN) connection to pass through the router to the network clients as outlined here.

It depends which protocol the VPN programs/software is using if this will work or not - but it's good to check!
Of course: This will disable any VPN access to the internet - also yours if you have one on your devices... :rolleyes:

Maybe the eBlocker would be the perfect solution for your needs - the price is still not to high, but the promise is big! And: It's a plug and play solution for any environment!
 
Last edited:
You might have some success if you first setup a wireless MAC filter and only allow specified devices WiFi access. That makes it more difficult but not impossible for someone to avoid the next step. This protection can be negated by spoofing the MAC address of another and unrestricted device in step two.

Then enable a network services filter blocking your kids from accessing the WWW during certain hours. You can also set up other filters. Again this can be bypassed once the kids start spoofing MAC addresses.

If this doesn't work get a seperate router for your kids connections and install it as an AP. Put the same SSID and password as on your present 2.4 Ghz WiFi network. Set its radio type to B only (may need to find an old Linksys 54 to do this ) and see how your kids like surfing the net with a link rate of 11Mbps. Then change the SSID and passwords on your router so you can continue with normal speeds. If you also want to take them off the Internet at night put a lamp timer on this router. With no power to the AP, there is nothing for them to bypass.

Just be sure to secure the AP you setup for the kids so they can't do a factory reset.
 
Are you using 5GHz all the time? Maybe you can set "wireless scheduler" for 2.4GHz and you use 5GHz. I'm not sure if you can set differently for each of them. But if you can, and you use 5GHz all the time, then control your kids by scheduling 2.4GHz wireless off when it is time for them to sleep. Use different names and passwords between 2.4GHz and 5GHz WiFi.
 
Are you sure they are using a VPN solution to bypass your parental controls time schedule? If they are using wireless devices, they can get around your restrictions by doing something as simple as connecting to a different SSID or Wifi network in range that is NOT controlled by your router. That (very) effectively negates any settings you would apply on the AC3200.

The only thing you can do technologically in this situation is to activate parental restrictions on the devices themselves. Set up whatever limits the device supports and do not share the password with your kids under an circumstances. Then hope they don't reset their devices back to factory / OS defaults to remove your restrictions.

What you will find is that kids will research and uncover all manner of work-arounds to anything you attempt to put into place. Depending on their ages, in the end, your only real control is your ability to exact consequences for their actions after your expectations for their behavior have been clearly communicated. It's up to them to obey the rules of the household and up to you to enforce them in the way that suits the situation best. Relying on technology to do that for you will only get you so far.

Good luck!
 
How do I set up a wireless scheduler for my 2.4GHz? Also, in order to use the VPN program to bypass my parental controls, do they have to connect to the wireless router (using password)?




Wutikorn said:
Are you using 5GHz all the time? Maybe you can set "wireless scheduler" for 2.4GHz and you use 5GHz. I'm not sure if you can set differently for each of them. But if you can, and you use 5GHz all the time, then control your kids by scheduling 2.4GHz wireless off when it is time for them to sleep. Use different names and passwords between 2.4GHz and 5GHz WiFi.
Click to expand...
 
overClocked! said:
Are you sure they are using a VPN solution to bypass your parental controls time schedule? If they are using wireless devices, they can get around your restrictions by doing something as simple as connecting to a different SSID or Wifi network in range that is NOT controlled by your router. That (very) effectively negates any settings you would apply on the AC3200.

The only thing you can do technologically in this situation is to activate parental restrictions on the devices themselves. Set up whatever limits the device supports and do not share the password with your kids under an circumstances. Then hope they don't reset their devices back to factory / OS defaults to remove your restrictions.

What you will find is that kids will research and uncover all manner of work-arounds to anything you attempt to put into place. Depending on their ages, in the end, your only real control is your ability to exact consequences for their actions after your expectations for their behavior have been clearly communicated. It's up to them to obey the rules of the household and up to you to enforce them in the way that suits the situation best. Relying on technology to do that for you will only get you so far.

Good luck!
Click to expand...

I'm not certain of the VPN program they are using but when we were in China, they were able to get around China's blocking of Facebook and Twitter using some OpenVPN program.
 
CRAIG007 said:
I'm not certain of the VPN program they are using but when we were in China, they were able to get around China's blocking of Facebook and Twitter using some OpenVPN program.
Click to expand...

That's something different. They would still need access to the Internet to establish a VPN connection in the first place.

Another thing I have seen kids do is obtain a separate device with routing capabilities, patch that into the modem bypassing your wireless router completely, rendering it useless without you knowing since your router still broadcasts your normal SSID if it's powered on.

But the most likely and easiest thing for them to do is connect to a neighboring SSID using the wifi password they obtained while visiting, or connecting to an ISP hotspot like those offered by xfinity/Comcast or AT&T. If their devices are mobile phones with a data plan, they can simply disable wifi and get out to the Internet over 4G/LTE.

You can easily check this by viewing the Bandwidth monitor (from the Adaptive QoS section) to view the realtime usage of your currently connected clients. If you observe them on the Internet late at night, check to see if their bandwidth usage is at 0.0 Kb or their devices don't show up at all. That's a clear indication they've bypasses your router using one of the tricks I mentioned.


Sent from my iPhone using Tapatalk
 
It may not be VPN at all.

There are many many wifi access points/hotspots available now that have no security on them and anyone can connect to them.

Just have to scan for connections to find them.
 
KevTech said:
It may not be VPN at all.

There are many many wifi access points/hotspots available now that have no security on them and anyone can connect to them.

Just have to scan for connections to find them.
Click to expand...

Yeah. Exactly.

There are services I mentioned before like AT&T and Xfinity that provide mobile devices with the means to connect to public hotspots automatically using your subscriber account login credentials. The modems they provide household consumers come with this feature turned on by default to expand their public wifi coverage. There is a high probability that you can see these throughout your neighborhood and if you are one of their customers, one is even in your house without you really knowing.


Sent from my iPhone using Tapatalk
 
You must log in or register to reply here.

Similar threads

Mastiff
I can ping PPTP VPN-server from router, but the clients have no connection
Replies
0
Views
683
Mastiff
Mastiff
P
Cannot get VPN to function properly from ASUS router to Apple TV
Replies
3
Views
1K
drinkingbird
drinkingbird
R
Upgrade from Amplifi HD
Replies
2
Views
2K
Trip
T
O
I may have a silly question regarding VPN and XT8 - please be nice
2
Replies
25
Views
5K
Tech Junky
T
SunrisePro
Looking for a new router to take advantage of 1gb internet and the options are making my head swim - please help!
2 3 4
Replies
69
Views
9K
jerry6
jerry6
Similar threads
Thread starter Title Forum Replies Date
J I've stopped IGMP, LLDP, but there is a final multicast medium by the router, via a UDP packet, any idea how to stop that? ASUS Wireless 4
T WireGuard VPN - 2FA ASUS Wireless 6
M VPN setup with ASUS, QNAP and SOPHOS ASUS Wireless 1
G Asus firmware IKEv2 VPN security issue ASUS Wireless 7
A Continuous issues with Wireguard VPN on Asus RT-AX86U ASUS Wireless 0
R VPN server: run on RT-AC68U or RPi 3? ASUS Wireless 19
M VPN menu missing on Asus AX11000 ASUS Wireless 3
4 AiProtection & router-based VPN are incompatible ASUS Wireless 8
B Instant Guard VPN ASUS Wireless 1
E Urban-VPN on Asus ASUS Wireless 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 680 (members: 20, guests: 660)
Top